IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [wpa2]

Security protocol (IEEE 802.11i) developed by the Wi-Fi Alliance to protect wireless networks.

WPA2 is the successor to the WPA protocol and was released in 2004, it is now mandatory for all new devices that bear the Wi-Fi trademark.

Improvements include:

  • AES-based encryption mode
  • CCMP
317 questions
258
votes
5 answers

Consequences of the WPA2 KRACK attack

Today new research was published on vulnerabilities in wireless network security called Krack. What are the real-world consequences of these attacks for users and owners of wireless networks, what can an attacker actually do to you? Also is there…
Rory McCune
  • 60,923
  • 14
  • 136
  • 217
143
votes
9 answers

To sufficiently protect against KRACK is patching the client, the AP, or both, required?

Following on from this question, I am unclear on which of the following steps are sufficient to protect a WPA2-based wifi connection from the KRACK flaw: Patching the AP (e.g. router) Patching the client (e.g. mobile device) Patching the AP and the…
Jon Bentley
  • 2,001
  • 2
  • 14
  • 16
119
votes
3 answers

Why wasn't the KRACK exploit discovered sooner?

From what I've read, the issue is as simple as performing step 3 of a 4-step handshake and the consequences of performing that step more than once. Considering the complexity of these kinds of algorithms, I'm somewhat surprised that it is so…
Dave Cousineau
  • 880
  • 2
  • 7
  • 9
46
votes
2 answers

WPA2 ephemeral key derivation

I'm trying to learn how ephemeral keys in WPA2 4-way handshake are derived. Starting from 4 EAPOL packets sniffing, I successfully derived PMK and PTK reading ANonce, SNonce, and knowing ASCII-PSK and the SSID. From PTK I derived, by splitting it,…
spazio dati
  • 561
  • 3
  • 4
43
votes
3 answers

What is the best home wireless network encryption algorithm to use?

What is the best home wireless network encryption algorithm to use? I realize the best answer will probably change over time, and hopefully people can provide updated answers as new standards come out. So far, my knowledge, as of early 2015…
Jonathan
  • 3,157
  • 4
  • 26
  • 42
42
votes
4 answers

Are WPA2 connections with a shared key secure?

This is something that has been bugging me for quite some time: when I have a wifi access point with WPA2 encryption and I give out the key, how secure are the connections? With WEP you could easily decrypt all packets using the same key, but with…
vvanscherpenseel
41
votes
8 answers

Why is WPA Enterprise more secure than WPA2?

In personal mode WPA2 is more secure than WPA. However, I have read that WPA Enterprise provides stronger security than WPA2 and I am unsure exactly how this is achieved.
user12199
35
votes
1 answer

How does a nonce reset allow for decryption?

I'm sure that by now most InfoSec-lovers have heard about KRACK. If you haven't, check out this great explaination by a fellow StackExchanger. It's a new attack on WPA2 which allows for decryption and forging of packets in certain (and certainly…
FMaz
  • 472
  • 4
  • 14
33
votes
3 answers

How safe are Wi-Fi Hotspots? Because WPA 2 is compromised, is there any other security protocol for Wi-Fi?

WPA 2 can be cracked using Aircrack-ng in Kali Linux. Is there any other security protocol for Wi-Fi which is not compromised?
RaJ
  • 525
  • 1
  • 4
  • 8
32
votes
6 answers

Recommend Length for Wi-FI PSK?

I currently have a network set up with WPA2 and AES encryption, the password is 8 characters long but was randomly generated and contains no dictionary words. However I'm concerned about the increasing power of computers and their ability to crack…
Concrete Donkey
  • 423
  • 1
  • 4
  • 4
27
votes
2 answers

Strength of WEP, WPA and WPA 2 PSK

I know there are three method for wifi security. What are the relative strengths of the password encryption in WEP, WPA and WPA2 PSK?
Muhammad Sholihin
  • 383
  • 1
  • 4
  • 8
26
votes
2 answers

What are the difference between WPA2-PSK and WPA2-EAP-PSK?

What are the differences between WPA2-PSK and WPA2 EAP-PSK? What are the pros and cons of using one configuration or the other?
boos
  • 1,066
  • 2
  • 10
  • 21
26
votes
1 answer

What is stronger - WPA2 Enterprise with 2048 bit key, or Personal with 63 character passphrase?

Which of the two following has a stronger cryptographic strength in withstanding brute-force attacks? WPA/WPA2 Enterprise using 2048-bit RSA public-key WPA/WPA2 Personal using 63-character Passphrase
ARRE
  • 261
  • 3
  • 3
23
votes
1 answer

How exactly does 4-way handshake cracking work?

From my understanding this is how WPA2 works for home networks: PSK (Pre-Shared Key) is used to generate PMK (Pairwise Master Key), which is used together with ANonce (AP Nonce) to create PTK (Pairwise Transient Key). PTK is devided into KCK (Key…
user3362334
  • 457
  • 1
  • 3
  • 10
23
votes
3 answers

Four-way Handshake in WPA-Personal (WPA-PSK)

Can someone explain to me in what consists the Four-way Handshake in WPA-Personal (WPA with Pre-Shared Key), which informations are being sent between AP and client, how is it possible to find the AP Pre-Shared Key from these informations after we…
Leo92
  • 399
  • 1
  • 3
  • 6
1
2 3
21 22